Star N9500, a Chinese Android smartphone, which can be bought on Amazon, eBay and from other online retailers, has been found to contain a built-in trojan that pretends to be the Google Play Store. The smartphone closely resembles Samsung’s Galaxy S4 and is manufactured in China. The device is sold online through resellers in Belfast and Hong Kong.
The virus, known as “Uupay.D”, pretends to be the Google Play Store and comes pre-installed on the device, so that the user can’t remove it. One of the German security companies analyzed the smartphone purchased directly from the factory in China.
The trojan steals personal data from the device and sends it to an anonymous server in China. Moreover, it can install additional apps or malware without your knowledge. The experts admit that the options with this spy malware are almost unlimited. Users see nothing else than an app with the Google Play Store icon in the running processes. The malware allows the criminals to track your location, intercept and record phone calls, make purchases and send text messages. Finally, it could be used to break into online banking and similar services.
In the meantime, users are likely to be oblivious to the fact that their cheap and cool device could be stealing their information and live its own life, rating the smartphone five stars on Amazon and other online stores. You can buy Star N9500 across Europe two or three times cheaper than comparable devices from other manufacturers. Of course, the device has sold in the hundreds.
The security experts think that the low price of a device is a criminal tactic to entice users. The criminals may make money from the sale of stolen personal information. In is unclear at what stage the malware is introduced, but the buyers should beware in any case. Although very cheap offers online must make buyers suspicious, for some reason they don’t.
The statistics say that Android accounted for 97% of the malware targeted at mobile devices in 2013, which shows an increase of 20% from 2012. However, the Google Play Store, which is pre-installed on all Google Android devices, can only be blamed for 0.1% of the malware, because the majority of malware is downloaded by the users from third-party app stores like Chinese Baidu and Anzhi. Why do people go there? Just because access to Google Play is restricted in the country.